[Unity] Various improvements #67
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Some processes do export useful symbols that can be used to recover memory addresses or other useful values. The newly added `symbols()` function allows to iterate over them in order to recover, if needed, the addresses of interest. For example, Duckstation (a PS1 emulator) exports the address of the emulated RAM as a symbol, so it can be easily recovered by simply querying: ```rust let pointer: Address = pe::symbols::<5>(&process, main_module).find(|symbol| symbol.name.matches(b"RAM")); ```
Several improvements were made to the Mono and IL2CPP code that should allow for easier mantainance and less spaghetti code:
- Mono was already using the `mono_assembly_foreach` symbol to find the game assemblies. This code is now part of the crate itself so the relative call has been changed
- PE module sizes are now queried using `pe::read_size_of_image` in order to avoid issues with Proton/Wine under linux
- The function to automatically detect the IL2CPP stuct version to use was broken. It has been fixed now, although there is no guarantee this will work fine on every game, so help by experienced Unity hackers might be appreciated anyway
- A `CSTR` const is now used instead of manually defining a capacity of 128 every time an `ArrayCString` is read from memory. This way, in case of need, the capacity of the `ArrayCString`s can be changed as needed
- A (private) `Assembly` struct has been added, as a `MonoImage` is technically loaded from the assembly. There is no need to make this struct public, but it allows to streamline some code. Also, if more functions are needed that rely on an `Assembly` instead of a `Image`, this should allow for easier future implementations
- A `Field` struct has been added in order to use some functions specific for `MonoField` (`get_name()` and `get_offset()`). `Class::get_field` has been renamed to `Class:get_field_offset` for better clarity. As for `Assembly`, this struct is not exposed publicly
- Code has been slightly modified and optimized, for example by using iterators instead of standard loops
- Some functions have now a simpler syntax
- Empty iterators now properly return as empty iterators, instead of returning Error
- A `UnityPointer` struct has been added to allow for automatic pointer path resolution. It internally uses `DeepPointer`, wrapped into a `OnceCell` to allow for lazy evaluation of the pointer path with interior mutability when trying to `deref()` it. Example:
```rust
let is_loading = UnityPointer::<5>::new("SceneManager", 1, &["s_sInstance", "m_bProcessing"]);
...
watcher.is_loading.update(is_loading.deref::<bool>(&process, &module, &image).ok());
```
CryZe
requested changes
Oct 15, 2023
CryZe
approved these changes
Oct 16, 2023
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Several improvements were made to the Mono and IL2CPP code that should allow for easier mantainance and less spaghetti code:
mono_assembly_foreachsymbol to find the game assemblies. This code is now part of the crate itself so the relative call has been changedpe::read_size_of_imagein order to avoid issues with Proton/Wine under linuxCSTRconst is now used instead of manually defining a capacity of 128 every time anArrayCStringis read from memory. This way, in case of need, the capacity of theArrayCStrings can be changed as neededAssemblystruct has been added, as aMonoImageis technically loaded from the assembly. There is no need to make this struct public, but it allows to streamline some code. Also, if more functions are needed that rely on anAssemblyinstead of aImage, this should allow for easier future implementationsFieldstruct has been added in order to use some functions specific forMonoField(get_name()andget_offset()).Class::get_fieldhas been renamed toClass:get_field_offsetfor better clarity. As forAssembly, this struct is not exposed publiclyUnityPointerstruct has been added to allow for automatic pointer path resolution. It internally usesDeepPointer, wrapped into aOnceCellto allow for lazy evaluation of the pointer path with interior mutability when trying toderef()it. Example: